UK businesses face aggregate costs of up to 1.6 billion if no adequacy decision post-Brexit transition period, report finds

The cost to UK businesses of not receiving an adequacy decision from the European Commission could total between £1 billion and £1.6 billion, according to a new report by think tank New Economics Foundation and UCL European Institute. The report, compiled from interviews with 60 EU and UK legal professionals, data protection officers, business representatives […]

All at (Priva) Sea? Brexit and Data Protection

PrivSec Report looks at some of the issues facing data protection professionals impacted by Brexit as the end to the transition period draws near.  June 2016’s UK referendum on EU membership ushered in stormy waters between the UK and Europe. Four years on, and the UK is approaching the end of the transition period – […]

Business Focus: the latest PrivSec fundraising deals

A roundup of the latest fundraising deals and business news from the privacy, data protection and security sectors. 9th November: ReSec Technologies, an Israeli start-up focusing on malware threat prevention and cyber security, announced it has raised $4 million in funding for a series A round. It’s led by QBN Capital with participation from HDI […]

German court slashes ‘unreasonably high’ GDPR fine by 90%

A €9.55m fine for a telecommunications service provider for breaching GDPR has been reduced to just €900,000 by a German appeals court. 1&1 Telecom GmbH was handed the original fine last December by the Federal Commissioner for Data Protection and Freedom of Information (BfDI) after it emerged that people calling the company’s customer service hotline […]

EDPB issues draft guidance on supplemental measures for data transfers following Schrems II

The European Data Protection Board (EDPB) has recommended measures to supplement personal data transfer tools to ensure compliance with EU standards when transferring data to non-EU “third countries”. Following the Schrems II ruling, which struck down the Privacy Shield between the US and EU in July, many controllers have been relying on Standard Contractual Clauses […]

Canadian privacy watchdog publishes recommendations on regulating use of AI

The Office of the Privacy Commissioner of Canada (the OPC) yesterday outlined recommendations for regulating the use of artificial intelligence, including a rights-based approach. The recommendations include creating a right for a meaningful explanation of automated decisions, and a right of subjects to contest these decisions. It also wants to require organisations to design AI […]